Senior Information Security GRC Analyst; Security Architect - Consultant

Position: Senior Information Security GRC Analyst (Security Architect - Consultant)
Location: Columbia

Title: Senior Information Security GRC Analyst (Security Architect - Consultant) (11518)
Client: State of South Carolina – Department of Administration (Division of Information Security)
Location: Columbia, SC 29210 (Remote)
Duration: 12 Months
Interview Process: 1–2 Rounds of Virtual Interviews (In-person availability preferred)
Candidate Location: No South Carolina residency required. Open to nationwide candidates. Preference will be given to local candidates who can attend client meetings, trainings, and other onsite activities as needed. Travel expenses for onsite work are the responsibility of the consultant.

Daily Duties / Responsibilities:

• Support DIS in executing the statewide Information Security Program.
• Conduct interviews with business owners, technical teams, administrators, and third parties to understand agency security processes.
• Develop and track agency Information Security implementation plans.
• Review security documentation to ensure compliance with established security controls.
• Document policies, procedures, and security processes.
• Perform security compliance assessments using standard control frameworks.
• Assess agency compliance with NIST 800-53 security controls.
• Track POA&M and Corrective Action Plan (CAP) activities.
• Utilize Archer or similar GRC tools to manage compliance activities.
• Identify process improvements and assist agencies with security implementation.
• Manage multiple information security initiatives while meeting project deadlines.
• Collaborate with agency stakeholders to improve overall security compliance.

Required Skills:

• 10+ years of Information Security and Compliance experience.
• 2+ years of experience performing security audits using a standard control framework as an Auditor or Information System Security Officer (ISSO).
• Strong working knowledge of NIST SP 800-53 (2+ years).
• Experience with POA&M (Plan of Action & Milestones) or Corrective Action Plans (CAP).
• 3+ years of experience using Archer or similar GRC tools.
• Strong written and verbal communication skills.
• Bachelor's Degree (completed and verifiable).

Preferred Skills:

• Experience developing Information Security Plans (ISP) or System Security Plans (SSP).
• Experience managing multiple information security work efforts simultaneously.
• Knowledge of IRS 1075, HIPAA, CJIS, MARS-E, and/or PCI-DSS.
• Government/Public Sector experience.
• Strong business process analysis and documentation skills.

Required Education:

• Bachelor's Degree (Required)

Preferred Certifications:

• CISA
• GSLC
• Equivalent Information Security Certification

About Us:
Inter Sources Inc , is a Small, Woman, and Minority-Owned Business Enterprise, ISO/IEC 27001, SOC 2 Type 2 certified company with massive 18+ years of diversified experience in providing IT Consulting Services, Artificial Intelligence, Data Analysis, Application Development, Cloud Services, Cybersecurity, Digital Marketing, ERP Management, Custom Software Development, Web Development, UI/ UX Design, System Integration, QA Support etc. We make reasonable accommodations for clients and employees, and we do not discriminate based on any protected attribute including race, religion, color, national origin, gender sexual orientation, gender identity, age, or marital status.

We also are a Google Cloud and Oracle partner company.